Gab

Merci

As already said is a newly installed system and i’m the support team of my VPS.

I have installed LAMP and the directrory document root of apache is a subdirectory of var/www.

   Options Indexes FollowSymLinks
    AllowOverride all
    Require all granted

I have already performed the manual update of the cores files without success.

• This reply was modified 4 months, 1 week ago by Gab.

This the apache2 error log:

[proxy_fcgi:error] [pid 69271:tid 140642110903872] [remote x.x.x.x:50312] AH01071: Got error ‘PHP message: PHP Warning: Cannot modify header information – headers already sent by (output started at /var/www/magmata/wp-includes/rest-api/class-wp-rest-server.php:566) in /var/www/magmata/wp-includes/pluggable.php on line 1435PHP message: PHP Warning: Cannot modify header information – headers already sent by (output started at /var/www/magmata/wp-includes/rest-api/class-wp-rest-server.php:566) in /var/www/magmata/wp-includes/pluggable.php on line 1438’, referer: https://www.MYSITe.com/wp-admin/post-new.php

• This reply was modified 4 months, 1 week ago by Gab.

Basically; I went to publish a test article and it said “Publication failed. The answer is not a valid JSON answer.” It’s been many years that this problem afflicts wordpress…..

WordPress site health checker is saying there are issues to the rest api.

Con questo messaggio di errore:

The REST APIs did not correctly process the context parameter of the query.

I was thinking to block access to it.

When I try to activate akismet, but also hello dolly, the page distorts for a few seconds, and then nothing happens’, the plugin is not activated even after I reload the page.

I managed to delete for example hello dolly by going to delete. But the elimination phase remains on “elimination in progress” and hangs.

Then I reload the page and the plugin has actually been deleted.
Instead I downloaded updraftplus, I go to activate the plugin , the page distorts for a few seconds or only half readable, and nothing happens even if I reload the page.

• This reply was modified 4 months, 1 week ago by Gab.

At the moment, every time I reload the page, a removed plugin return to the list of available plugins, others that I had deactivated, have been reactivated. I try to add products to the shop but in vain … wordpress + php7.4-fpm for me is not working as expected.

It’s not asking ftp credentials anymore but since after php7.4-fpm upgrade, wordpress has not stopped unexpected behaviors.

Launching this command
egrep '^(user|group|listen|export APACHE_RUN_[UG])' /etc/apache2/envvars /etc/php/7.4/fpm/pool.d/www.conf

/etc/apache2/envvars:export APACHE_RUN_USER=toroseduto
/etc/apache2/envvars:export APACHE_RUN_GROUP=toroseduto
/etc/php/7.4/fpm/pool.d/www.conf:user = www-data
/etc/php/7.4/fpm/pool.d/www.conf:group = www-data
/etc/php/7.4/fpm/pool.d/www.conf:listen = /run/php/php7.4-fpm.sock
/etc/php/7.4/fpm/pool.d/www.conf:listen.owner = www-data
/etc/php/7.4/fpm/pool.d/www.conf:listen.group = www-data

I found out php7.4-fpm considers www-data as running apache2.
Instead the apache2 on my VPS is owned by toroseduto, unprivileged user i created.
I will change all the instances in fpm/pool.d/www.conf file about user, group and owner from www-data to toroseduto and permissions to /run/php/php7.4-fpm.sock accordingly.

# ls -la /run/php/php7.4-fpm.sock
srw-rw----  1 www-data www-data    0 ott 17 16:26 php7.4-fpm.sock

# chown toroseduto:toroseduto /run/php/php7.4-fpm.sock

• This reply was modified 4 years, 1 month ago by Gab.
• This reply was modified 4 years, 1 month ago by Gab.
• This reply was modified 4 years, 1 month ago by Gab.
• This reply was modified 4 years, 1 month ago by Gab.

This a screenshot of the “WP Link Status” crawler results on my site:
https://httpsimage.com/v2/d4a6e557-0bb1-42f6-a518-6bbc8c7b99b2.png
kind regards

• This reply was modified 5 years, 5 months ago by Gab.

That right there could trigger epileptic seizures!

hopefully not !

I solved.
By pure chance, reading the pagespeed module configuration, being involved in improving the site speed, I read that mod_pagespeed with apache2.4 could cause problems.
I then disabled it and the redirect loop has ceased.
End of a nightmare ??
Thank you and good day

@autotutorial
Summary.
As woocommerce enable, an infinite redirect loop occurs.
Looking at the logs a cause is the official woocommerce paypal plugin and the other is klarna-checkout…* that I had removed some time ago and I don’t understand why it’s in the logs.
Have a good day

Gab

English is not my mother tongue and I have to admit that I didn’t understand much.
Below is a link to the infos from the php file you mentioned.

https://www.klanmuziklab.com/infos.php

I was wondering why that klarna plugin harms woocommerce even after removing it.
I don’t use CDN.
I’ve had to deal with CDN for images, but I want to minimize https requests at theirs minimum possible.

• This reply was modified 5 years, 6 months ago by Gab.
• This reply was modified 5 years, 6 months ago by Gab.
• This reply was modified 5 years, 6 months ago by Gab.

@fernashes
in addition to the information given in the previous post there is to add that for my site I used javascript optimization plugins that could have and have often partialized the visualization of the site, blocking elements.
Other factors that can cause the redirect loop can be the mod-rewrite apache plugin:

       RewriteEngine On
        RewriteCond %{HTTPS} off [OR]
        RewriteCond %{HTTP_HOST} !^www\. [NC]
        RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
        RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/.*
        RewriteRule ^(.*)$ https://www.klanmuziklab.com/$1 [R=301,L]

This in 000-default virtualhost. Next one is .htaccess with defaults wordpress values:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

I tried setting http header content-security-plocy and content-referer with no success.
Many parts of the site were not loaded so I left.
I show you how I configured the http headers:

Header set X-Content-Type-Options: "nosniff"

Header set X-Frame-Options: "sameorigin"

# Instructs browsers to enable their browser side Cross-Site-Scripting filter.
Header set X-XSS-Protection: "1; mode=block"

# HSTS
Header set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"

# Content Security Policy
Header unset Content-Security-Policy
Header unset Referrer-Policy

# Secure Cookies
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure

My intervention is not to be understood as the solution to its problem that will be solved by WooCommerce experts, we are just chatting and I hope without offending it

@autotutorial it looks like i’m paniking … and i am … sorry!
It’s a production environment…

• This reply was modified 5 years, 6 months ago by Gab.
• This reply was modified 5 years, 6 months ago by Gab.